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Amendments to the Claims: 

This listing of claims will replace all prior versions and listings of claims in the 
application: 

Listing of Claims : 

1. (Original) A method for registering a mobile node with a home agent comprising: 
determining a home agent; 

establishing between the mobile node and the determined home agent a security tunnel having 

associated with said tunnel a single security association; and 
registering the mobile node with the home agent using the security tunnel. 

2. (Original) The method of claim 1 wherein establishing a security tunnel comprises: 
creating a security policy database for at least one of a binding update message, a return 

routability message, prefix discovery message and payload data packet; and 
associating two or more security policy databases with a security tunnel using a single security 
association. 

3. (Original) The method of claim 1 wherein registering the mobile node with the home 
agent comprises: 

dispatching a binding update request to the home agent using the security tunnel; and 
receiving a binding update acknowledgement by way of a reverse path security tunnel. 
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4. (Original) The method of claim 1 further comprising discovering an applicable prefix 
for the home agent using the security tunnel. 

5. (Original) The method of claim 1 further comprising conveying data to a 
correspondent node using the security tunnel. 

6. (Original) The method of claim 1 further comprising communicating a return 
routability signal to the home agent using the security tunnel. 

7. (Original) The method of claim 1 further comprising establishing a reverse path 
security tunnel having associated with said tunnel a single security association. 

8. (Original) The method of claim 7 wherein establishing a reverse path security tunnel 
comprises creating a security policy database for at least one of a binding update 
message, a return routability message, prefix discovery message and payload data packet; 
and associating one or more security policy databases with a security tunnel using a 
single security association. 

9. (Original) A mobile node comprising: 

mobile communication interface capable of communicating with a mobile network; 
home agent determination unit capable of identifying a home agent; security tunneling unit 
capable of establishing and maintaining a security tunnel between the mobile node and an 
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identified home agent, wherein an established security tunnel uses a single security 
association descriptor for one or more data paths; and 
registration unit capable of registering the mobile node with an identified home agent using an 
established security tunnel. 

10. (Original) The mobile node of claim 9 wherein the security tunnel unit comprises: 
security association descriptor capable of storing a security association; 

security policy descriptor capable of storing a security policy for at least one of a binding update 
message, a return routability message, a prefix discovery solicitation message and a 
payload data packet; 

messaging unit capable of formatting a secure message according to an incoming message that 
includes at least one of a binding update message, a return routability message, a prefix 
discovery message and a payload data packet and according to a security association 
stored in the security association descriptor and further capable of formatting a secure 
message using a security policy stored in any of the security policy descriptors, wherein 
the security policy descriptor is selected according to the type of the incoming message. 

11. (Original) The mobile node of claim 9 wherein the registration unit comprises: 
binding request message unit that directs to the security tunneling unit a binding message 

directed to a home agent according to an indicator received from the home agent 
determination unit; and 

binding acknowledgement unit that receives a binding update acknowledgement from the 
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security tunneling unit according to a tunneling packet received from the home agent 
using a reverse path security tunnel. 

12. (Original) The mobile node of claim 9 further comprising a prefix discovery unit 
capable of discovering an applicable prefix for the determined home agent using the 
established security tunnel. 

13. (Original) The mobile node of claim 9 further comprising a payload unit capable of 
accepting data from a client and directing it to the security tunneling unit. 

14. (Original) The mobile node of claim 9 further comprising route discovery unit 
capable of dispatching a return routability message to the security tunneling unit. 

15. (Original) The mobile node of claim 9 wherein the security tunneling unit is capable 
of establishing and maintaining a reverse path security tunnel between the mobile node 
and an identified home agent. 

16. (Original) The mobile node of claim 15 wherein the security tunneling unit 
comprises: reverse path security association descriptor capable of storing a security 
association; reverse path security policy descriptor capable of storing a security policy for 
at least one of a binding update acknowledgement message, a return routability reply 
message, a prefix discovery advertisement message and a return payload data packet 

5 



Application No.: 10/783,637 



Docket No.: 200311424-1 



wherein the messaging unit is capable of unsecuring a secure tunneling message 
according to a security association stored in the reverse path security association 
descriptor and according to a security descriptor stored in at least one of the reverse path 
security policy descriptors wherein the reverse path security policy descriptor is selected 
according to the type of secure tunneling message received. 

17. (Currently amended) A mobile node comprising: 
processor for executing an instruction [[an]] sequence; 
memory for storing an instructions sequence; 

mobile communications interface for communicating with a mobile network; 

instruction sequences stored in the memory including: home agent determination instruction 
sequence that, when executed by the processor, minimally causes the processor to 
identify a home agent for the mobile node; 

security tunneling instruction sequence that, when executed by the processor, minimally causes 
the processor to establish a security tunnel from the mobile node to an identified home 
agent where the security tunnel uses a single security association descriptor to secure a 
plurality of data paths; and registry instruction sequence that, when executed by the 
processor, minimally causes the processor to register the mobile node with an identified 
home agen t using the established security tunnel . 

18. (Original) The mobile node of claim 17 wherein the security tunneling instruction 
sequence causes the processor to establish a security tunnel by minimally causing the 
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processor to create a single security association that can be used by a plurality of data 
paths, including, but not limited to data paths for a binding update message, a return 
routability message, a prefix discovery message and a payload data packet. 

19. (Original) The mobile node of claim 17 wherein the registry instruction sequence 
causes the processor to register the mobile node by minimally causing the processor to 
dispatch a binding update request to an identified home agent using a security tunnel 
established by the processor when it executes the security tunneling instruction sequence. 

20. (Original) The mobile node of claim 17 further comprising a prefix discovery 
instruction sequence that, when executed by the processor, minimally causes the 
processor to discover a prefix for an identified home agent using a security tunnel 
established by the processor when it executes the security tunneling instruction sequence. 

21. (Original) The mobile node of claim 17 further comprising a payload instruction 
sequence that, when executed by the processor, minimally causes the processor to direct a 
payload data packet to an identified home agent using a security tunnel established by the 
processor when it executes the security tunneling instruction sequence. 

22. (Original) The mobile node of claim 17 further comprising a return path verification 
instruction sequence that, when executed by the processor, minimally causes the 
processor to direct a return routability message to an identified home agent using a 
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security tunnel established by the processor when it executes the security tunneling 
instruction sequence. 

23. (Original) The mobile node of claim 17 wherein the security tunneling instruction 
sequence further minimally causes the processor to establish a reverse path security 
tunnel capable of carrying a plurality of data paths using a single security association. 

24. (Original) The mobile node of claim 23 wherein the security tunneling instruction 
sequence, when executed by the processor, minimally causes the processor to establish a 
reverse path security tunnel by: creating a security policy database for at least one of a 
binding update message, a return routability message, prefix discovery message and 
payload data packet; and associating one or more security policy databases with a reverse 
path security tunnel using a single security association. 

25. (Original) A computer readable medium having imparted thereon instruction 
sequences for registering a mobile node with a home agent including: 

home agent determination instruction sequence that, when executed by a processor, minimally 
causes the processor to identify a home agent for the mobile node; 

security tunneling instruction sequence that, when executed by a processor, minimally causes the 
processor to establish a security tunnel from the mobile node to an identified home agent 
where the security tunnel uses a single security association descriptor to secure a plurality 
of data paths; and 
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registry instruction sequence that, when executed by a processor, minimally causes the processor 
to register the mobile node with an identified home agent. 

26. (Original) The computer readable medium of claim 25 wherein the security tunneling 
instruction sequence causes a processor to establish a security tunnel by minimally 
causing the processor to create a single security association that can be used by a plurality 
of data paths, including, but not limited to data paths for a binding update message, a 
return routability message, a prefix discovery message and a payload data packet. 

27. (Original) The computer readable medium of claim 25 wherein the registry 
instruction sequence causes the processor to register the mobile node by minimally 
causing the processor to dispatch a binding update request to an identified home agent 
using a security tunnel established by the processor when it executes the security 
tunneling instruction sequence. 

28. (Original) The computer readable medium of claim 25 further comprising a prefix 
discovery instruction sequence that, when executed by the processor, minimally causes 
the processor to discover prefix for an identified home agent using a security tunnel 
established by the processor when it executes the security tunneling instruction sequence. 

29. (Original) The computer readable medium of claim 25 further comprising a payload 
instruction sequence that, when executed by the processor, minimally causes the 
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processor to direct a payload data packet to an identified home agent using a security 
tunnel established by the processor when it executes the security tunneling instruction 
sequence. 

30. (Original) The computer readable medium of claim 25 further comprising a return 
path verification instruction sequence that, when executed by the processor, minimally 
causes the processor to direct a return routability message to an identified home agent 
using a security tunnel established by the processor when it executes the security 
tunneling instruction sequence. 

31. (Original) The computer readable medium of claim 25 wherein the security tunneling 
instruction sequence further minimally causes the processor to establish a reverse path 
security tunnel capable of carrying a plurality of data paths using a single security 
association. 

32. (Original) The computer readable medium of claim 3 1 wherein the security tunneling 
instruction sequence, when executed by the processor, minimally causes the processor to 
establish a reverse path security tunnel by: creating a security policy database for at least 
one of a binding update message, a return routability message, prefix discovery message 
and payload data packet; and associating one or more security policy databases with a 
reverse path security tunnel using a single security association. 
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33. (Original) A mobile node comprising: means for determining a home agent; means 
for establishing a single- security- association based security tunnel between the mobile 
node and a determined home agent; and means for registering the mobile node using an 
established security tunnel. 

34. (Original) The apparatus of claim 33 wherein the means for establishing a single- 
security association based security tunnel comprises means for associating a plurality of 
security policy databases with a single security association. 

35. (Original) The apparatus of claim 33 wherein the means for registering the mobile 
node comprises: means for dispatching a binding update message to an identified home 
agent using an established security tunnel; and means for receiving a binding update 
acknowledgement by way of a reverse path security tunnel. 

36. (Original) The apparatus of claim 33 further comprising a means for discovering an 
applicable prefix for the home agent using an established security tunnel. 

37. (Original) The apparatus of claim 33 further comprising a means for conveying data 
to a correspondent node using an established security tunnel. 

38. (Original) The apparatus of claim 33 further comprising a means for communicating 
a return routability signal to a determined home agent using an established security 



11 



Application No.: 10/783,637 



Docket No.: 200311424-1 



tunnel. 

39. (Original) The apparatus of claim 33 further comprising a means for establishing a 
reverse path single-security-association based security tunnel. 

40. (Original) The apparatus of claim 39 wherein the means for establishing a reverse 
path security tunnel comprises means for associating a plurality of security policy 
databases with a single security association. 
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